What is the difference between SentinelOne Core, Control and Complete?

Updated: Jan 17

The Singularity Platform is an Edge to Edge Enterprise Security Platform.


"One platform to prevent, detect, respond, and hunt in the context of all enterprise assets. See what has never been seen before. Control the unknown. All at machine speed."


SentinelOne's single-agent technology provides solutions with three different tiers of functionality, Core, Control and Complete. All versions use machine learning and automation to prevent, detect and respond to attacks across all major vectors. In this blog post, we will outline the key differences between SentinelOne Singularity Core, Control and Complete, so you can find which licence type best fits your organisation's needs.


Each licence offers the same SaaS management console features:

  • Global SaaS implementation. Highly available. Choice of locality (US, EU, APAC)

  • Flexible administrative authentication and authorisation: SSO, MFA, RBAC

  • Administration is customisable to match your organisational structure.

  • 365 days of threat incident history

  • Integrated SentinelOne Threat Intelligence and MITRE ATT&CK Threat Indicators

  • Data-driven Dashboard Security Analytics

  • Configurable notifications by email and syslog.

  • Singularity API-driven XDR integrations (SIEM, sandbox, Slack, 3rd party Threat Intel, etc.)

  • Single API with 340+ functions

Each of the offerings builds upon the one below it.